VG Tech: Comparing Your Privates in PHP - Wed, 19/03/2014 - 16:56

In a new post to their blog, the VG Tech folks talk about "comparing your privates" with a "hidden" feature of PHP. Don't worry, they're referring to private class properties on object instances here...

I was going to compare several private properties between to objects and started making a piece of code to perform the actual comparison using getters for the properties. I felt the approach sucked, and started looking into alternatives way to do this.

He shares what the current PHP documentation shares about comparing objects, but neither of them take private properties into account. He remembers, however, that object visibility is at the class level not instance level, allowing two object instances of the same class to have access to all properties of the other, regardless of exposure level. He includes a code snippet showing how to use this to compare those private properties.


Community News: Packagist Latest Releases for 03.19.2014 - Wed, 19/03/2014 - 15:03
Recent releases from the Packagist:

ServerGrove Blog: Symfony2 components overview: Translation - Tue, 18/03/2014 - 23:37

The ServerGrove blog has posted their latest up-close look at the various components that make up the Symfony2 framework. In their latest post, they focus in on the Translator component.

Modern applications need to be internationalized and localized to be able to reach people from all over the world. Internationalization - aka i18n - is the process of designing a software application so that it can be adapted to various languages and regions without engineering changes. Localization - aka l10n - is the process of adapting internationalized software for a specific region or language by adding locale-specific components such as dates or currency. The Translation component provides different tools to get your application internationalized, but not localized.

The post covers the three main parts of the component - Catalogues, Loaders and Dumpers - and includes a simple example of creating the object, adding resources and calling "trans" to translate. There's also an example of using the YAML file loader to include the translated strings. There's also mentions of pluralization, translation "domains" and custom loaders.


Community News: Packagist Latest Releases for 03.18.2014 - Tue, 18/03/2014 - 15:01
Recent releases from the Packagist:

Community News: Latest PECL Releases for 03.18.2014 - Tue, 18/03/2014 - 14:04
Latest PECL Releases:
  • pthreads 2.0.1 Add globals inheritance option Add method to execute block in global scope Fix build when SPL is not loaded (spl sucks)

  • qb 2.1.1 Initial release

  • gmagick 1.1.7RC2 Changes to update support for PHP 5.6.0beta

  • solr 1.1.0b - SolrClient::system Access system servlet which fetch Solr Server System Information - SolrClient::commit argument $maxSegments is now DEPRECATED - SolrClient::commit Added support for expungeDeletes on - All SolrClient methods throws SolrClientExceptions instead of E_WARNING + SolrClientException - SolrClientExceptions' messages are more informative in case of connection errors - Added json extension validation - All SolrResponse, SolrQueryResponse, SolrUpdateResponse, SolrPingResponse, SolrGenericResponse, SolrDocument, and SolrInputDocument classes are now final - All parameters functions throws SolrIllegalArgumentException instead of E_RROR - SolrParams/SolrModifiableParams/SolrQuery throws SolrIllegalArguments Exception instead of E_ERROR (Feature #66858) - Various Bug Fixes

  • pthreads 2.0.2 Fix build in BSD and other *nix where PTHREAD_MUTEX_RECURSIVE_NP is enum

  • eio 1.2.4 Fix: Bitbucket issue #1: eio_open fails when file is owned by root

  • pthreads 2.0.0 Fix errors; inheritance and scope in threads (bugs in prepare) Fix fault; accessing destroyed objects (throw ex) Make use of inheritance within pthreads (bc compatible using alias) Remove abstract flag from ::run method Remove use of errors in favour of exceptions Remove all final modifiers on threaded objects Fix fault; submit to incorrectly constructed Pool Fixed fault; (re)using primitives that are object members across contexts Fixed fault; intermittent fault on session_start inside threads Various internal improvements

  • memcached 2.2.0RC1 - Fixes incorrect size when compressing serialized objects - Fixes endianess of compressed values

  • oci8 2.0.8 Enhancement - Improve performance of multi-row OCI_RETURN_LOB queries (Bug #66875)

  • mongo 1.5.0RC1 ** Bug * [PHP-995] - JSON detection * [PHP-996] - Broken with cyrus-sals 2.1.23 * [PHP-999] - Inline mapReduce command ignores read preferences * [PHP-1000] - RP support for "mapReduce" command, not just "mapreduce" ** Improvement * [PHP-998] - Include maxWriteBatchSize and maxMessageSizeBytes in connection info ** Task * [PHP-407] - MongoBinData should default to type 0 instead of 2 * [PHP-960] - Use createIndexes command when available * [PHP-987] - Use maxWriteBatchSize from ismaster for write command batch splitting. ** Sub-task * [PHP-993] - Merge batch return values into one return value

Community News: Packagist Latest Releases for 03.15.2014 - Sat, 15/03/2014 - 15:07
Recent releases from the Packagist:

Community News: Three Devs and a Maybe Podcast - Fri, 14/03/2014 - 19:51

The Three Devs and a Maybe podcast has been around since the end of last year and has posted some great episodes on a wide variety of topics, including several shows related to PHP. Some of their current shows include:

Check out the podcast and the past episodes and be sure to subscribe to their feed if you enjoy the show!


Jonathan Hill: How much does it cost to be a web developer? - Fri, 14/03/2014 - 18:17

Jonathan Hill has taken an interesting perspective in his recent post looking more at some of the average financial costs around being a web developer.

With Software Development topping 2014′s top jobs list, I thought I would share how much it cost me to become a web developer, and what my monthly expenses look like nowadays.

He breaks it down into a few different categories, listing an average price for each:

  • Initial (start-up) costs for hardware and software
  • Training costs
  • Recurring costs

Obviously, not all of the software and tools he lists are needed for every software developer, but it does give some perspective. Thankfully, he also links to some free alternatives to the tools he mentions that can reduce these costs as well.


ServerGrove Blog: Symfony2 components overview: Templating - Fri, 14/03/2014 - 17:11

The folks at ServerGrove have posted the latest in their series focusing in on various components of the Symfony2 framework. This time they look at the Templating component, useful for working with the output from the application, web or otherwise.

The Templating component provides an engine-agnostic infrastructure to load template files and render them using the input variables. Although the component provides methods for creating template systems, we are going to focus on how to integrate third-party template engines like Twig and Smarty, and how to use the right engine based on the templates file extension.

The post talks about typical PHP output (with escaping) and shows the difference between a call with htmlspecialchars and the use of the Template component to render a view. An example is also included showing the use of other template engines into the template object, plugged directly into the "render" method. The end of the post also briefly mentions an alternative template language, Plates, an option similar to Twig but uses native PHP rather than tags and placeholders.


SitePoint PHP Blog: Building a Simple Blog App with MongoDB and PHP - Fri, 14/03/2014 - 16:19

On there's a recent tutorial posted showing you the creation of a simple blog application with MongoDB + PHP. It's a basic overview, so it's mostly about creates and reads, but it does help get things working.

If you want to create a blog using MongoDB and PHP, this article will teach you. [...] The reason I chose to build a blog application is because it is a basic CRUD application and it is very suitable for easing into PHP and MongoDB web development. We will build a plain user interface using Bootstrap with simple textboxes and buttons. A MongoDB database will store all the content.

He starts off by introducing MongoDB and some of the basic concepts around databases, collections and documents as they relate to it. He then moves into the installation process, getting and configuring a simple MongoDB instance running on localhost. He helps you get the MongoDB PECL driver installed for PHP and includes a bit of code to test the connection. Finally, he gets into the blog example itself and includes the full code to get it up and running.


Community News: Packagist Latest Releases for 03.14.2014 - Fri, 14/03/2014 - 15:00
Recent releases from the Packagist: Lately in PHP Podcast #45 - "The Security of Future PHP Versions" - Thu, 13/03/2014 - 20:17

The latest episode of the "Lately in PHP" podcast series has been released by today - Episode 45, "The Security of Future PHP Versions".

As the plans for the upcoming PHP 5.6 and PHP 6 versions are being finalized, some of the proposals are about improving the security of these future PHP versions. That has been one of the main topics discussed by Manuel Lemos and César Rodas on the episode 45 of the Lately in PHP podcast. They also have talked about several other types of proposals and ideas for PHP 6, as well a tutorial on How to Use a Webcam to take Pictures in PHP Application.

You can listen to this latest episode in a few ways - either through the in-page audio player, by downloading the mp3 or you can watch the live recording over on YouTube.


Ulf Wendel: The performance penalty of the early MySQL Fabric support for PHP - Thu, 13/03/2014 - 19:16

In his latest post Ulf Wendel looks at the performance issues around the recently introduced MySQL Fabric support included in the mysqlnd extension.

PECL/mysqlnd_ms 1.6 is currently being modified to support sharding and fully automatic server and client failover when using MySQL Fabric (slides) to manage a farm of MySQL servers. PECL/mysqlnd_ms is a mostly transparent load balancer that works with all PHP MySQL APIs (PDO_MySQL, mysqli, ...). The idea is, that if, for example, a MySQL server fails, the plugin talks to MySQL Fabric to learn about alternative servers that Fabric has provisioned automatically. This "talks to" gives implies a performance penalty for applications.

He takes a look at what's happening "behind the scenes" when it comes to using the Fabric functionality and sharding (based on the use of mysqlnd_ms_select_shard). He traces through the execution path and how much slower then end result is. He includes some results from the connection debugging and the number of queries a single request makes.


Community News: phpBB Participates in the Google Summer of Code - Thu, 13/03/2014 - 18:54

As is mentioned in this new post to the phpBB forums, the project is participating in the Google Summer of Code project this year. phpBB is one of the longest running, widely used open source PHP forums software.

With two years of participation under our belt, I am glad to announce that phpBB is once again taking part in the Google Summer of Code (GSoC) program this year. Google's Summer of Code program encourages students to get involved in free and open source software (F/OSS) by pairing them up with experienced mentors in popular F/OSS projects.

If you're interested in working on the phpBB project this year, check out their Ideas page for some examples of things they're wanting to work on. You'll need to be familiar with the git version control system to do the work and will need to apply to be considered for this year's event.


Anthony Ferrara: Why I Don't Recommend Scrypt - Thu, 13/03/2014 - 17:11

Anthony Ferrara has a new post today looking at password hashing and a type of hashing that's beginning to get more attention in the PHP community - scrypt. However, he doesn't recommend it for production password storage and shares his reasoning why.

Scrypt was not designed for password storage. It was designed as a key derivation function for generating keys from weak material (namely passwords). The prime type of attack that scrypt is designed to defeat is ASIC based attackers. It is not designed to try to favor CPU over GPU (and thereby defeat GPU based attacks). It is this fact that we can leverage to gain an advantage when used as a password hashing mechanism.

He covers some of the basic design decisions that were made when scrypt was created. He also points out that none of the results of these decisions are strictly fatal, they just make it a bit weaker than something like bcrypt for password storage. He goes through the basic inputs scrypt requires and includes a quick snippet of code (not PHP, but easy to understand) showing its use. He talks about its "chain of 4 operations" and gets into what he sees as limitations: loop unrolling and the tune-able reduced memory usages. He finishes off the post mentioning that scrypt is still secure, but despite this he doesn't recommend it for password storage specifically.


SensioLabs Insight Blog: Jenkins integration - Thu, 13/03/2014 - 16:06

The latest post to the SensioLabs Insight blog today shows you how you can integrate the service with Jenkins as a part of your pre-existing continuous integration workflow.

One of the main features of SensioLabsInsight service is that it integrates smoothly into your existing workflow and technical infrastructure. We know that most companies use Jenkins as their continuous integration server and for that reason, SensioLabsInsight provides out-of-the-box Jenkins integration.

The integration uses the Insight API to perform the checks and return a report of the results. They step you through the process to get the connection set up (using the API client) and send the request for processing. The result is returned in PMD format, something Jenkins can easily parse and integrate into the pass/fail of the job. You can also get the details of the issues including error message, file location and the priority of the issue.


Community News: Packagist Latest Releases for 03.13.2014 - Thu, 13/03/2014 - 15:01
Recent releases from the Packagist:
Syndicate content